Feeds

Terror phone clone scam exposed

Rogers bill probe unveils abuse

Build a business case: developing custom apps

Affiliates of terrorist organization Hezbollah cloned the mobiles of senior executives of Canadian operator Rogers Communications, including chief exec Ted Rogers. Even though the firm had technology in place to trigger alerts over suspicious departures in call activity, Rogers staffers were too frightened of inconveniencing bosses to do anything about the fraud, Canadian paper the Globe and Mail reports.

The scam only came to light after law professor Susan Drummond challenged a mobile phone of C$12,000 she received after her return from a month-long trip to Israel. The monster mobile bill listed more than 300 calls made in August to foreign countries including Libya, Pakistan, Russia and Syria. Drummond was told she'd have to foot the bill despite her protests than she'd never previously made overseas calls using the account. Her normal bill was around C$75.

Rogers' continued insistence that the bill nevertheless had to be paid prompted Drummond and her partner, Harry Gefen, to begin investigating. That probe hit pay dirt when Gefen tape recorded an interview with a Rogers security manager, Cindy Hopper, who was speaking at a conference on telecoms fraud in Toronto in September. Unaware that Gefen was an aggrieved punter, Hopper told him that terrorists groups linked to had Hezbollah repeatedly cloned the mobile phones of senior Rogers execs in 1997 and 1998. Senior Rogers' execs were perfect targets for fraud since staffers could not be sure if calls were legitimate or not. Fear of inconveniencing their superiors over something that turned out to be a false alarm prevented workers from taking any action.

"They were cloning the senior executives repeatedly, because everyone was afraid to cut off Ted Rogers' phone," Hopper told Gefen, in an interview that recognised the cleverness of the social engineering trick. "They were using actually a pretty brilliant psychology. Nobody wants to cut off Ted Rogers' phone or any people that are directly under Ted Rogers, so they took their scanners to our building... Nobody wants to shut off Ted. Even if he is calling Iran, Syria, Lebanon, and Kuwait."

During the interview, Hopper confirmed that Rogers had a system in place similar to those used by banks to flag up suspicious card transactions that was capable of spotting fraud-in-progress. The information obtained by her partner enabled Drummond to file a small court claim against Rogers Wireless alleging that it "profiting from crime" by failing to shut down stolen mobile phones.

Initially Rogers resisted this action arguing that Drummond was responsible for calls made on the account prior to reporting that her phone was been misused. However after the story broke over the weekend, Rogers CEO Ted Rogers intervened and offered to write off the debt along with paying Gefen and Drummond's out-of-pocket expenses. Drummond also extracted from the chief exec to a promise to attend their house and hear their concerns over a cup of tea.

"I'm glad that we got somewhere with this fight, but it shouldn't take a law professor and a technology journalist to make them behave like decent corporate citizens," Drummond told the Globe and Mail. ®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Israel's Iron Dome missile tech stolen by Chinese hackers
Corporate raiders Comment Crew fingered for attacks
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?